The IT Security Analyst will provide assistance to the Manager, Security and Compliance in overseeing and coordinating security efforts across the College and ITS. Under the supervision of the Manager, Security and Compliance, the incumbent will support with the following responsibilities, Security Operations, Security Policies and Procedures, Security Awareness, Business Continuity Planning (BCP) /Disaster Recovery (DR) Planning and Risk Management.
Responsibilities: Support and Administration:
Investigates reported security incidents and policy violations, addresses complaints from internal and external parties which often requires access to sensitive information. Serves as the central point of contact for all security related issues. Conduct and draft post-mortem analysis reports, subsequent to major events, outlining root cause, lessons learned, and mitigation action.
Conducts IT security monitoring on IT systems using appropriate measures such as security dashboards, alerts, etc. and ensures compliance with defined security parameters. The incumbent will identify systems and users behavioural trends which may suggest a breach of IT security.
Provides ITS and college departments security related consulting services and offering insights into best practices by maintaining a broad knowledge of the latest IT security-related technologies, trends, issues and solutions.
Facilitates vulnerability and penetration testing to determine the origanization’s security posture, work with stakeholders to come up with remediation plan to address identified vulnerabilites, and follow up with stakeholders to ensure remediation plan is followed through.
In collaboration with stakeholders and under the guidance of the Manager, Security and Compliance, develops and delivers awareness and training programs concerning information security. The target audience is ITS and college staff, faculty and other related authorized users.
Participates in the planning, design, implementation and testing of business continuity plan and IT disaster recovery plan under the direction of the Manager, Secuirty and Compliance.
Maintains and updates ITS risk register under the supervision of the Manager, Security and Compliance. Regularly facilitates reviews to assess the state of identified risks. Work with ITS stakeholders to develop preventative measures to mitigate identified risks.
Policies, Compliance, Enforcement
Coordinates the development of information security policies, standards and procedures (PSP). Facilitates work-groups that include key ITS, data custodians, and governance resources. Ensures their participation and responsiveness in the PSP.
Ensures the enforcement of PSP across ITS and the college. Develops metrics and measures to assist in the enforcement process. Reports to the college executive on the state of enforcement and potential risks.
Minimum three (3) year Diploma or Degree in Computer Technology or a related field. If in a related discipline, state how the education is related.
CISSP (Certified Information Systems Security Professional) or other security certification/accreditation.
Minimum five (5) years of experience with operating systems, computer and network security assessments, systems programming and administration, applications development, database administration, networks operations, user support and data centre operations.
Proven track record to plan, implement, test, and monitor information security solutions
Note: A skills assessment test may be administered during the recruitment process.